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DETAILED ACTION 



1. Claims 1-5 are presented for examination. 

The claims and onl\ ihc ckiims form the metes and bounds of the invention. "Office personnel are to give claims their 
broadest reasonable interpretation in light of the supporting disclosure. In re Morris, 127 F.3d 1048, 1054-55, 
44 USPQ2d 1023, 1027-28 (Fed. Cir. 1997). Limitations appearing in the specification but not recited in the claim are 
not read into the claim. In re Prater, 415 F. 2d 1393, 1404-05, 162 USPQ 541, 550-551 (CCPA 1969)" (MPEP p 2100- 
8, c 2, 1 45-48; p 2100-9, c 1, 1 1-4). The Examiner has full latitude to interpret each claim in the broadest reasonable 
sense. The Examiner will reference prior art using terminolog} familiar to one of ordinal') skill in the art. Such an 
approach is broad hi concept and can be either explicit or implicit in meaning. 



Information Disclosure Statement 
2. The information disclosure statements (IDS) submitted on 04/1 8/2005 and 08/1 0/2006 
are in compliance with the provisions of 37 CFR 1.97. The document CN 1 170995 A and 
JP 20022471 1 1 are not considered because they lack an English translation. Otherwise, the 
information disclosure statements are being considered by the examiner. 



Preliminary Amendment 

3. The preliminary amendment submitted on 04/1 8/2005 is duly noted. 



Specification 

Applicant is reminded of the proper language and format for an abstract of the disclosure. 



The abstract should be in narrative form and generally limited to a single paragraph i in a separate sheet within the range 
of 50 to 1 50 words. It is important that the abstract not exceed 150 words in length since the space provided for the 
abstract on the computer tape used by the printer is limited. The form and legal phraseology often used in patent 
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claims, such as "means" and "said," should be avoided. The abstract should describe the disclosure sufficiently to assist 
readers in deciding whether there is a need for consulting the full patent text for details. 

The language should be clear and concise and should not repeat information gi\ en in the title. It should avoid using 
phrases which can be implied, such as, "The disclosure concerns," "The disclosure defined by this invention," "The 
disclosure describes," etc. 

4. The abstract of the disclosure is objected to because the terms "comprising" and "said 
method" are used and legal phraseology should be avoided. Correction is required. See MPEP 
§ 608.01(b). 

The disclosure is objected to because of the following informalities: on page 5, line 29, 
page 6, lines 1,10, and 11, page 7, lines 3, 5, 9, 10, page 8, lines 17 and 27, and page 9, lines 19 
and 22 there are numbers in parenthesis which appear to refer to drawings which were never 
submitted. Appropriate correction is required. 

Claim Objections 

5. Claims 1 and 5 are objected to because of the following informalities: claim 1, line 9 
states "responding to MGC" should read "responding to the MGC", claim 5, line 8 the examiner 
assumed that "said parameter" is the same as "the security authentication parameter" claim 5, 
line 6 if it is not then clarification is needed, if it is please correct. Appropriate correction is 
required. 

Claim Rejections - 35 USC § 112 

The following is a quotation of the second paragraph of 35 U.S.C. 1 12: 

The specification shall conclude with one or more claims particularly pointing out and distinctly claiming the 
subject matter which the applicant regards as his invention. 
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6. Claim 1 is rejected under 35 U.S.C. 112, second paragraph, as being indefinite for 
failing to particularly point out and distinctly claim the subject matter which applicant 
regards as the invention. 

Claim 1 recites the limitation "the security authentication " in line 6 and "the 
authentication result" in line 12. There is insufficient antecedent basis for these limitations in 
the claim. 

Claim Rejections - 35 USC §102 

The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that form the 
basis for the rejections under this section made in this Office action: 

A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 122(b), by another filed 
in the United States before the invention by the applicant for patent or (2) a patent granted on an application for 
patent by another filed in the United States before the invention by the applicant for patent, except that an 
international application filed under the treaty defined in section 351(a) shall have the effects for purposes of this 
subsection of an application filed in the United States only if the international application designated the United 
States and was published under Article 2 1(2) of such treaty in the English language. 

7. Claim 1, 4, and 5 are rejected under 35 U.S.C. 102(e) as being anticipated by 
US 6961857 (Floryanzia). 

As to claim 1, Floryanzia discloses an authentication method for network security, 
comprising the following steps: step 1 : a Media Gateway Controller (MGC) configuring a Media 
Gateway (MG) with an authentication key, and setting a security data package on a network 
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protocol (Floryanzia Abstract, lines 2-4: in a Registration Security approach, a Gatekeeper sends 
an Access Token in all Registration Request messages. The Access Token contains information 
that authenticates the Gateway (MG) to the Gatekeeper (MGC) and column 2, lines 30-3 1 : Each 
Gatekeeper is also a controller and has some of the same responsibilities as the Media Gateway 
Controller 112...); 

step 2: the MGC, during the security authentication, sending security authentication 
request data to the MG using the data package (Floryanzia column 4, lines 23-3 1 : 
. . .authentication request information comprises the steps of receiving an access token 
comprising a general identifier value, a time stamp value, a challenge value, and a random value. 
In a related feature, the step of receiving non-encrypted authentication request information 
comprises the steps of receiving an H.235 ClearToken comprising a general identifier value, a 
time stamp value, a challenge value, and a random value. . .); 

the MG performing an encryption calculation on the request data using the 
authentication key, and responding to MGC with the encrypted request (Floryanzia column 7, 
lines 1-10 and column 8, lines 35-45: . . .While both CHAP and H.235 use MD5 hashing to 
provide security, according to an embodiment, a mapping between the CHAP and H.235 
messages allows CHAP to use H.235 token data for authentication. In this embodiment, the 
crypto Token fields are mapped to fields of Access Token 204, which acts as an H.235 
ClearToken for transport purposes. In this configuration, Access Token 204 carries all 
information needed to carry out a CHAP protocol Challenge and to enable a node that receives 
such a Challenge to create and evaluate a response. . . .and A Gateway may generate the MD5 



Application/Control Number: 10/531 ,569 
Art Unit: 4171 



Page 6 



message digest using the following values where "+" denotes concatenation: 

Challenge= [Random value+Gateway User Password+Time Stamp value]MD5 Hash 

An authentication server that uses CHAP performs the following calculation to determine what 

the challenge should be: CHAP Response=[CHAP ID+User Password+CHAP Challenge]MD5 

Hash); 

step 3: the MGC determining whether the MG being authenticated is legal according to 
the authentication result (Floryanzia column 8, lines 57-67: With a Gatekeeper that uses 
Registration Security, the Gateway includes an Access Token in all Registration Request (RRQ) 
messages. In such a case, the Access Token contains information that authenticates the Gateway 
to the Gatekeeper. The Gatekeeper formats a message to a RADIUS server that will authenticate 
the information contained in the token. It will respond back to the Gatekeeper with either an 
Access-Accept or Access-Reject message. In turn, the Gatekeeper responds to the Gateway with 
either a Registration Confirm (RCF) message or a Registration Reject (RRJ) message). 

As to claim 4, Floryanzia discloses the authentication method for network security 
according to claim 1, wherein said data package comprises a security authentication request 
signal and a security authentication completion event, said security authentication request signal 
comprising a security authentication parameter, and said security authentication completion 
event comprising a security authentication result parameter (Floryanzia column 8, lines 5-34: 
TABLE 1 ACCESS TOKEN VALUES I II III III ACCESS TOKEN RADIUS VALUE 
ATTRIBUTE (#) DESCRIPTION General Identifier User-Name (1) The Gateway H.323-ID 
value or a user account number Time Stamp CHAP-Challenge (60) The current time of the 
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Gateway; used as an implied CHAP-challenge as if it initially came from the Gatekeeper. 
Challenge CHAP-Password: A 16-byte MD5 message Chap Response (3) digest that is generated 
by the Gateway. Random CHAP-Password: A one-byte value that is CHAP Identifier (3) used by 
an authentication server to identify a particular request. The Gateway increments a variable 
modulo 256 for each authentication request to provide the value. tokenOID (object Not used 
Identifies all tokens of this identifier) type. 1 1 1 1 1 1 1 1 1). 

As to claim 5, Floryanzia discloses the authentication method for network security 
according to claim 4, wherein said step 2 further comprises: step 21 : the MGC sending the 
security authentication request signal in the data package to the MG; step 22: the MG, after 
receiving the security authentication parameter in the security authentication request signal, 
performing encryption calculation on said parameter using the authentication key, and reporting 
the encryption calculated result to the MGC through the security authentication result parameter 
in the security authentication completion event in the data package (Floryanzia Figures 3A, 3B, 
3C, column 9, lines 34-43, and column 10, lines 1-43: FIG. 3A is a diagram of messages that 
may pass between elements of the system of FIG. 2A in a secure Registration message flow. 
Such a message flow can be used for all exchanges between gateways and gatekeepers. 
(25) In block 302, a Gateway generates an Access Token using its Gateway password and the 
Gateway alias, which is a unique identifier of the Gateway under H.323. In block 304, the 
Gateway creates a Registration Request (RRQ) message to send to the Gatekeeper that includes 
the Access Token. In block 306, the RRQ message is sent to the Gatekeeper). 
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Claim Rejections - 35 USC §103 

The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the imention is not identically disclosed or described as set forth in section 
102 of this title, if the differences between the subject matter sought to be patented and the prior art are such that the 
subject matter as a whole would have been ob\ ions at die time the in\ ention was made to a person having ordinary skill 
in the art to which said subject matter pertains. Patentability shall not be negatived by the manner in which the 
invention was made. 

8. Claims 2 and 3 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
US 6961857 (Floryanzia) in view of US 20020120760 (Kimchi). 

As to claim 2, Floryanzia teaches the authentication method for network security 
according to claim 1 . Floryanzia fails to teach wherein said network protocol is Media Gateway 
Control Protocol (MGCP). 

However, Kimchi discloses wherein said network protocol is Media Gateway Control 
Protocol (MGCP) (Kimchi paragraph 0036, lines 1-17: The Media Gateway Control Protocol, 
developed by Telcordia and Level 3 Communications, is one of a few proposed control and 
signal standards to compete with the older H.323 standard for the conversion of audio signals 
carried on telephone circuits (PSTN ) to data packets carried over the Internet or other packet 
networks. The reason new standards are being developed is because of the growing popularity of 
Voice over IP (VoIP ). MGCP and Megaco/H.248 are media gateway control protocols defined 
by the IETF and ITU-T for use in distributed switching environments. Referring to FIG. 3c, 
signaling logic is located on Media Gateway Controllers 330 (MGCs-also known as Call Agents 
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or SoftSwitches) and media logic is located on Media Gateways 332 (MGs). Using MGCP or 
Megaco/H.248 334, MGCs can control MGs to set up media (for example, voice traffic) paths 
336 through the distributed network). 

It would be obvious to one of ordinary skill in the art at the time of the applicant's 
invention that the MGCP is one of the proposed upgrades for the older H. 323 standard (Kimchi 
paragraph 0036, lines 1-17: The Media Gateway Control Protocol, developed by Telcordia and 
Level 3 Communications, is one of a few proposed control and signal standards to compete with 
the older H.323 standard for the conversion of audio signals carried on telephone circuits (PSTN 
) to data packets carried over the Internet or other packet networks. The reason new standards are 
being developed is because of the growing popularity of Voice over IP (VoIP ). MGCP and 
Megaco/H.248 are media gateway control protocols defined by the IETF and ITU-T for use in 
distributed switching environments. Referring to FIG. 3c, signaling logic is located on Media 
Gateway Controllers 330 (MGCs-also known as Call Agents or SoftSwitches) and media logic is 
located on Media Gateways 332 (MGs). Using MGCP or Megaco/H.248 334, MGCs can control 
MGs to set up media (for example, voice traffic) paths 336 through the distributed network). 

As to claim 3, Floryanzia teaches the authentication method for network security 
according to claim 1 . Floryanzia fails to teach wherein said network protocol is H248 protocol. 

However, Kimchi discloses wherein said network protocol is H248 protocol (Kimchi 
paragraph 0036, lines 1-17: The Media Gateway Control Protocol, developed by Telcordia and 
Level 3 Communications, is one of a few proposed control and signal standards to compete with 
the older H.323 standard for the conversion of audio signals carried on telephone circuits (PSTN) 
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to data packets carried over the Internet or other packet networks. The reason new standards are 
being developed is because of the growing popularity of Voice over IP (VoIP ). MGCP and 
Megaco/H.248 are media gateway control protocols defined by the IETF and ITU-T for use in 
distributed switching environments. Referring to FIG. 3c, signaling logic is located on Media 
Gateway Controllers 330 (MGCs-also known as Call Agents or SoftSwitches) and media logic is 
located on Media Gateways 332 (MGs). Using MGCP or Megaco/H.248 334, MGCs can control 
MGs to set up media (for example, voice traffic) paths 336 through the distributed network). 

It would be obvious to one of ordinary skill in the art at the time of the applicant's 
invention that the H248 is another proposed upgrade for the older H. 323 standard (Kimchi 
paragraph 0036, lines 1-17: The Media Gateway Control Protocol, developed by Telcordia and 
Level 3 Communications, is one of a few proposed control and signal standards to compete with 
the older H.323 standard for the conversion of audio signals carried on telephone circuits (PSTN) 
to data packets carried over the Internet or other packet networks. The reason new standards are 
being developed is because of the growing popularity of Voice over IP (VoIP ). MGCP and 
Megaco/H.248 are media gateway control protocols defined by the IETF and ITU-T for use in 
distributed switching environments. Referring to FIG. 3c, signaling logic is located on Media 
Gateway Controllers 330 (MGCs-also known as Call Agents or SoftSwitches) and media logic is 
located on Media Gateways 332 (MGs). Using MGCP or Megaco/H.248 334, MGCs can control 
MGs to set up media (for example, voice traffic) paths 336 through the distributed network). 
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Prior An 

9. The prior art made of record and not relied upon is considered pertinent to applicant's 
disclosure. US 7305550 (Applicant's Admitted Prior Art) is pertinent because it teaches method 
for providing authentication and verification services in an enhanced media gateway. US 
20040024902 is pertinent because it teaches Megaco is a device control protocol defining a 
general framework for physically decomposed media gateway, where the intelligence of the 
gateway is in a master node called the media gateway controller and the actual switching and 
media transfer is performed in one or more slave nodes called the media gateway(s). 

Conclusion 

10. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to REBECCA L. PACHURA whose telephone number is (571)270- 
3402. The examiner can normally be reached on Monday-Thursday 7:30 am-6:00 pm est. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ramesh Patel can be reached on (571) 272-3688. The fax phone number for the 
organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the Patent 
Application Information Retrieval (PAIR) system. Status information for published applications 
may be obtained from either Private PAIR or Public PAIR. Status information for unpublished 
applications is available through Private PAIR only. For more information about the PAIR 
system, see http://pair-direct.uspto.gov. Should you have questions on access to the Private PAIR 
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system, contact the Electronic Business Center (EBC) at 866-217-9197 (toll-free). If you would 
like assistance from a USPTO Customer Service Representative or access to the automated 
information system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 
/R. L. P./ 

/Rebecca L Pachura/ 
Examiner, Art Unit 4171 

/RameshB. Patel/ 

Supervisory Patent Examiner, Art Unit 4171 



